UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs, unix sockets

[mirror_ubuntu-bionic-kernel.git] / security / apparmor / lib.c

diff --git a/security/apparmor/lib.c b/security/apparmor/lib.c
index 4d5e98e49d5e06a9066f618adabe2767da45ff3c..23f3d16d6b85ec536027bada879ddf6c5f7aa640 100644 (file)
--- a/security/apparmor/lib.c
+++ b/security/apparmor/lib.c
@@ -211,7 +211,8 @@ void aa_perm_mask_to_str(char *str, const char *chrs, u32 mask)
        *str = '\0';
 }
 
-void aa_audit_perm_names(struct audit_buffer *ab, const char **names, u32 mask)
+void aa_audit_perm_names(struct audit_buffer *ab, const char * const *names,
+                        u32 mask)
 {
        const char *fmt = "%s";
        unsigned int i, perm = 1;
@@ -229,7 +230,7 @@ void aa_audit_perm_names(struct audit_buffer *ab, const char **names, u32 mask)
 }
 
 void aa_audit_perm_mask(struct audit_buffer *ab, u32 mask, const char *chrs,
-                       u32 chrsmask, const char **names, u32 namesmask)
+                       u32 chrsmask, const char * const *names, u32 namesmask)
 {
        char str[33];
 
@@ -326,7 +327,7 @@ void aa_compute_perms(struct aa_dfa *dfa, unsigned int state,
        /* for v5 perm mapping in the policydb, the other set is used
         * to extend the general perm set
         */
-       perms->allow |= map_other(dfa_other_allow(dfa, state));
+       perms->allow |= map_other(dfa_other_allow(dfa, state)) | AA_MAY_LOCK;
        perms->audit |= map_other(dfa_other_audit(dfa, state));
        perms->quiet |= map_other(dfa_other_quiet(dfa, state));
 //     perms->xindex = dfa_user_xindex(dfa, state);